PM Flooder Kick Hack

[Sanchez 2403]

M2 Download Center

This is the hidden content, please

• Sign In
• or
• Sign Up

( Internal )

Hi everyone,

Maybe just in my country, but it looks so many people started using this annoying PM flooder which cause a buffer overflow in the target client. It can be fixed easily on server-side, so let's do it:

Add these functions as public to char.h:

    void ClearPMCounter(void)       { m_iPMCounter = 0;      } 
    void IncreasePMCounter(void)    { m_iPMCounter++;        }
    void SetLastPMPulse(void);
    int  GetPMCounter(void)   const { return m_iPMCounter;   }
    int  GetLastPMPulse(void) const { return m_iLastPMPulse; }
    

Add these to char.h too, but as protected:

int m_iLastPMPulse;
int m_iPMCounter;
    

Add this function to char.cpp:

void CHARACTER::SetLastPMPulse(void)
{
      m_iLastPMPulse = thecore_pulse() + 25;
}

Still in char.cpp search for the Initialize and add these to the function:

m_iLastPMPulse = 0;
m_iPMCounter = 0;

Now navigate to the Whisper function in input_main.cpp and add this after the iExtraLen variable checking at the top:

if (ch->GetLastPMPulse() < thecore_pulse())
     ch->ClearPMCounter();
     
if (ch->GetPMCounter() > 3 && ch->GetLastPMPulse() > thecore_pulse())
{
   ch->GetDesc()->SetPhase(PHASE_CLOSE);
   return -1;
} 

Search for this still in the Whisper function:

if (pkChr == ch)
    return (iExtraLen);
    

Add these after that:

ch->IncreasePMCounter();
ch->SetLastPMPulse();
    

[metin2team 741]

good job as always

[MT2Virus 2]

GGWP

Thanks 

[martysama0134 6946]

this annoying PM flooder

People said his tools are also account stealers.

Even though it's used for normal chat, you can directly use this inside CInputMain::Whisper instead of adding 23849243 data-members/member functions:

if (ch->IncreaseChatCounter() >= 10)
{
	// the rest of the code such as extra ban/kick
	return iExtraLen;
}

IncreaseChatCounter increases m_bChatCounter by 1, a variable resetted every 5 seconds to 0 via CHARACTER_MANAGER::Update.

[Sanchez 2403]

Maybe, but I don't know. I never used his hacks before.

[thiagosaliba 6]

Not this giving to compile the gamecore.

[Denis 1456]

@thiagosaliba, you should change m_IPMCounter to m_iPMCounter = 0;

[thiagosaliba 6]

Its Work.

[tmoitoi 26]

What your system exactly does ?

Thanks for share

[Sanchez 2403]

It allows to write just 3 whispers per second.

[Nirvana22 0]

 i use vanilla core, how to block?

[MORTE 76]

thanks

[florinrevine 1]

How it's working ?

 

If you are writing in a PM two or more texts without pause 3 secounds you get kick.

[Sanchez 2403]

It allows to write just 3 private messages per second.

[ScreamMyName 96]

You didn't have to give the actual link to this kick hack.. now i have to make lib for 34k coz kids are playing around^

[ScreamMyName 96]

Can someone show the exact place where to add those bits in input_main ?

[Sanchez 2403]

After this:

	if (iExtraLen < 0)
	{
		sys_err("invalid packet length (len %d size %u buffer %u)", iExtraLen, pinfo->wSize, uiBytes);
		ch->GetDesc()->SetPhase(PHASE_CLOSE);
		return -1;
	}

[Sanchez 2403]

Fix for the newly released lagger/kicker:
 
Replace the ACMD(do_messenger_auth) method with this:

	if (ch->GetArena())
	{
		ch->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("´ë·ĂŔ忡Ľ­ »çżëÇĎ˝Ç Ľö ľř˝Ŕ´Ď´Ů."));
		return;
	}

	char arg1[256], arg2[256];
	two_arguments(argument, arg1, sizeof(arg1), arg2, sizeof(arg2));

	if (!*arg1 || !*arg2)
		return;

	char answer = LOWER(*arg1);

	if (!MessengerManager::instance().AuthToAdd(ch->GetName(), arg2, answer == 'y' ? false : true))
		return;

	if (answer != 'y')
	{
		LPCHARACTER tch = CHARACTER_MANAGER::instance().FindPC(arg2);

		if (tch)
			tch->ChatPacket(CHAT_TYPE_INFO, LC_TEXT("%s ´ÔŔ¸·Î şÎĹÍ ÄŁ±¸ µî·ĎŔ» °ĹşÎ ´çÇß˝Ŕ´Ď´Ů."), ch->GetName());
	}

In messenger_manager.cpp replace the AuthToAdd method with this :

bool MessengerManager::AuthToAdd(MessengerManager::keyA account, MessengerManager::keyA companion, bool bDeny)
{
	DWORD dw1 = GetCRC32(companion.c_str(), companion.length());
	DWORD dw2 = GetCRC32(account.c_str(), account.length());

	char buf[64];
	snprintf(buf, sizeof(buf), "%u:%u", dw1, dw2);
	DWORD dwComplex = GetCRC32(buf, strlen(buf));

	if (m_set_requestToAdd.find(dwComplex) == m_set_requestToAdd.end())
	{
		sys_log(0, "MessengerManager::AuthToAdd : request not exist %s -> %s", companion.c_str(), account.c_str());
		return false;
	}

	m_set_requestToAdd.erase(dwComplex);

	if (!bDeny)
	{
		AddToList(companion, account);
		AddToList(account, companion);
	}

	return true;
}

In messenger_manager.h replace this:

void	AuthToAdd(keyA account, keyA companion, bool bDeny);

With this:

bool	AuthToAdd(keyA account, keyA companion, bool bDeny);

[Destiny 12]

Replace the ACMD(do_messenger_auth) method to this: 
 in what cpp file ?

[Sanchez 2403]

cmd_general.cpp

[Destiny 12]

Thanks for share , all works fine.

[Rumor 2540]

You didn't have to give the actual link to this kick hack.. now i have to make lib for 34k coz kids are playing around^

 

Having the information public is the fastest way to get people to take action against it and the fix is in the thread. If you're able to create libs then it should be no problem for you

[Destiny 12]

 

You didn't have to give the actual link to this kick hack.. now i have to make lib for 34k coz kids are playing around^

 

Having the information public is the fastest way to get people to take action against it and the fix is in the thread. If you're able to create libs then it should be no problem for you

 

Also having the hack we could test if the c++ fix works

[Giovanni Emanuele Cannavo 3]

give me the hack for test in my server? Thank you

[Zonni 224]

 

 

You didn't have to give the actual link to this kick hack.. now i have to make lib for 34k coz kids are playing around^

 

Having the information public is the fastest way to get people to take action against it and the fix is in the thread. If you're able to create libs then it should be no problem for you

 

Also having the hack we could test if the c++ fix works

 

 

 

give me the hack for test in my server? Thank you

 

http://wklej.to/BZqOB

password: metin2dev

 

only for testing purposes only and i don't know this works because i didn't use it